======================= EL7 network management: ======================= :Title: Enterprise Linux ver 7 network management :Author: Douglas O'Leary :Description: Commands, examples, sorted tidbits about network mgmt in EL7 :Disclaimer: Standard: Use the information that follows at your own risk. If you screw up a system, don't blame it on me... :Created: 12/14/17 :Updated: .. contents:: ip command: =========== ifconfig is apparently a dying animal - in fact, not even installed by default in a minimal install. It is available in net-tools, however, for those (like me) that refuse to give up perfectly good tools.... Enter the ip command. I've been getting used to using it for display purposes; apparently, there's quite a bit more to it. General information retrieval: ------------------------------ ip addr show [ ${int} ] Display information on all or the listed interface. Add a '-[46]' to filter output to the desired protocol version. Also note that you don't have to spell the options out:: # ip addr show eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:72:63:35 brd ff:ff:ff:ff:ff:ff inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0 valid_lft 3246sec preferred_lft 3246sec inet6 fe80::5054:ff:fe72:6335/64 scope link valid_lft forever preferred_lft forever # ip -4 a s eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0 valid_lft 2982sec preferred_lft 2982sec Statistics: ----------- Add *-s* to cli to get interface statistics. Addr or link; doesn't seem to matter:: # ip -4 -s addr show eth0 2: eth0: mtu 1500 qdisc mq state UP qlen 1000 inet 192.168.12.9/24 brd 192.168.12.255 scope global eth0 valid_lft forever preferred_lft forever RX: bytes packets errors dropped overrun mcast 50202937221 35838510 0 2355 0 1498 TX: bytes packets errors dropped carrier collsns 7313634075 9826186 0 0 0 0 # ip -4 -s link show eth0 2: eth0: mtu 1500 qdisc mq state UP mode DEFAULT qlen 1000 link/ether 00:25:90:84:e2:60 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 50202942693 35838570 0 2355 0 1498 TX: bytes packets errors dropped carrier collsns 7313710305 9826269 0 0 0 0 Arp cache management: --------------------- ip neighbor show Basically, the same as ``arp -a``:: # ip n 192.168.12.10 dev eth0 FAILED 192.168.122.188 dev virbr0 lladdr 52:54:00:b9:97:39 STALE 192.168.122.236 dev virbr0 FAILED 192.168.12.7 dev eth0 lladdr 00:13:72:1c:e7:da REACHABLE 192.168.122.88 dev virbr0 lladdr 52:54:00:61:59:6d STALE 192.168.12.108 dev eth0 lladdr 4c:34:88:74:48:57 STALE 192.168.122.218 dev virbr0 lladdr 52:54:00:72:63:35 STALE 192.168.122.47 dev virbr0 FAILED 192.168.122.10 dev virbr0 lladdr 52:54:00:61:59:6d STALE 192.168.12.146 dev eth0 lladdr 38:60:77:11:ae:ca STALE 192.168.122.11 dev virbr0 lladdr 52:54:00:9d:02:d2 STALE 192.168.12.1 dev eth0 lladdr 00:14:d1:26:79:2f STALE ip n s nud failed | stale Displays arps that are in failed state:: # ip n s nud stale 192.168.122.188 dev virbr0 lladdr 52:54:00:b9:97:39 STALE 192.168.122.88 dev virbr0 lladdr 52:54:00:61:59:6d STALE 192.168.12.108 dev eth0 lladdr 4c:34:88:74:48:57 STALE 192.168.122.218 dev virbr0 lladdr 52:54:00:72:63:35 STALE 192.168.122.10 dev virbr0 lladdr 52:54:00:61:59:6d STALE 192.168.12.146 dev eth0 lladdr 38:60:77:11:ae:ca STALE 192.168.122.11 dev virbr0 lladdr 52:54:00:9d:02:d2 STALE 192.168.12.1 dev eth0 lladdr 00:14:d1:26:79:2f STALE ip n d ${ip} dev ${int} Deletes a specific arp cache entry. ip n f dev ${int} Flushes the arp cache. Manual ip assignment: --------------------- The equivalent of ifconfig "${int}:${num}". I can't imagine this will play well with network manager. Format: ip addr add ${cidr} dev ${int}:: # ip -4 a s eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0 valid_lft 2706sec preferred_lft 2706sec # ip addr add 192.168.122.12/24 dev eth0 # ip -4 a s eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0 valid_lft 2676sec preferred_lft 2676sec inet 192.168.122.12/24 scope global secondary eth0 valid_lft forever preferred_lft forever To delete:: # ip addr del 192.168.122.12/24 dev eth0 # ip -4 a s eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 192.168.122.218/24 brd 192.168.122.255 scope global dynamic eth0 valid_lft 2611sec preferred_lft 2611sec hostnamectl =========== 'cause editing /etc/hosts is just too difficult... To be fair, this doesn't actually edit /etc/hosts. It replaces the host entries in /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-* Files: ------ * /etc/hostname * /etc/machine-id Display informmation: --------------------- :: # hostnamectl Static hostname: localhost.localdomain Icon name: computer-vm Chassis: vm Machine ID: 4f9b8539de994478b143dea9b9007b7f Boot ID: 1d028ed9090f4485b18b9fdea3288a3a Virtualization: kvm Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-693.el7.x86_64 Architecture: x86-64 Set hostname: ------------- :: # hostnamectl set-hostname beta.olearycomputers.com # hostnamectl Static hostname: beta.olearycomputers.com Icon name: computer-vm Chassis: vm Machine ID: 4f9b8539de994478b143dea9b9007b7f Boot ID: 1d028ed9090f4485b18b9fdea3288a3a Virtualization: kvm Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-693.el7.x86_64 Architecture: x86-64 NetworkManager: =============== Interface options: ------------------ * gnome interface (search for control network, if needed). Useful on desktops, laptops, etc. * nmtui: text user interface. Think norton commander. * nmcli Process: -------- Create and activate a new connection: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. Create a new connection. Two examples:: # nmcli con add con-name static type ethernet ifname eth0 \ ip4 192.168.122.11/24 gw4 192.168.122.1 # nmcli con add con-name dhcp type ethernet ifname eth1 # nmcli c s NAME UUID TYPE DEVICE dhcp 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1 eth0 ad7e4f01-33cf-4b66-8dc9-f6ff5c41391a 802-3-ethernet eth0 static 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet -- You can't see it in text, but dhcp is automatically activated. If no IP is specified, apparently defaults to dhcp. You can specify the parameter ipv4.method to either auto or manual. Which means which should be self explanatory. If using manual, command will error out if you don't supply an ip. So, if you supply an IP, ipv4.method automatically gets set to manual; if you don't, it's automatically set to auto. NOTE: the arg is **ipv4.method** if identifying the method but **ip4** if specifying an ip address... no 'v'. Consistency is a wonderful thing. 2. Update DNS information:: # nmcli c mod static ipv4.dns 192.168.122.1,192.168.12.7 \ ipv4.dns-search olearycomputers.com,hsd1.il.comcast.net # nmcli c s static | grep dns ipv4.dns: 192.168.122.1,192.168.12.7 ipv4.dns-search: olearycomputers.com,hsd1.il.comcast.net ipv4.dns-options: (default) ipv4.dns-priority: 0 ipv4.ignore-auto-dns: no ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: (default) ipv6.dns-priority: 0 ipv6.ignore-auto-dns: no 3. Activate the new connection: ``nmcli con up static`` Disable a connection: ~~~~~~~~~~~~~~~~~~~~~ * Down the link: ``nmcli c down eth0`` * Set autocnnect = no to ensure the link does not come back on a reboot:: nmcli c mod eth0 autoconnect no Delete a connection: ~~~~~~~~~~~~~~~~~~~~ :: nmcli c del eth0 Rename a connection: ~~~~~~~~~~~~~~~~~~~~ A lot simpler than I expected. Simply change connection.id. To wit:: # nmcli c s NAME UUID TYPE DEVICE dhcp 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1 static 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet eth0 # nmcli c s static | grep static connection.id: static GENERAL.NAME: static # nmcli c mod static connection.id eth0 # nmcli c mod dhcp connection.id eth1 # nmcli c s NAME UUID TYPE DEVICE eth0 06460184-e76f-4158-8e94-31caa266c7a5 802-3-ethernet eth0 eth1 86abcab1-1d73-4032-a0f7-08d2360ca6a6 802-3-ethernet eth1 Command: -------- nmcli device wifi list Displays wifi networks, ssids, strength, etc. Should be possible to scan for other types of network as well but *ethernet*, for instance, doesn't work. nmcli general permissions Displays the permissions set via polkit. nmcli con show [ --active ] Displays information on the available connections. nmcli dev status Displays information the available devices. Reverse 'con show', if you will. nmcli con add con-name ${name} type ethernet ifname ${int} ... Add a new connection. See discusion above for more details. nmcli con mod ${con} ${key} ${value}... Modify connection information. nmcli con del ${conn} Delete a connection Network time protocol: ====================== And I quote:: The provision of NTP on RHEL 7 can be done via the chronyd or ntpd daemon itself. The chronyd daemon is enabled by default; however, this is really designed for desktops and machines that are often disconnected from networks. Synchronizationof tiem with chronyd is much quicker than ntpd and is therefore suitable for mahcines that are booted frequently or often suspended. The ntpd daemmon is still preferred for servers because it supports more authentication optionns and can brodcast time over a network. commands: --------- systemctl status chronyd: daemon status chronyc tracking Displays synchronization data including current server:: # chronyc tracking Reference ID : D8E50031 (eterna.binary.net) Stratum : 3 Ref time (UTC) : Fri Dec 15 05:49:41 2017 System time : 0.000597588 seconds fast of NTP time Last offset : +0.000220011 seconds RMS offset : 0.001000840 seconds Frequency : 11.023 ppm fast Residual freq : +0.002 ppm Skew : 0.043 ppm Root delay : 0.047105689 seconds Root dispersion : 0.016731955 seconds Update interval : 1028.3 seconds Leap status : Normal chronyc sources [ -v ] Displays the list of available servers. Add a *-v* arg to have chronyc describe the columns:: # chronyc sources 210 Number of sources = 4 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* eterna.binary.net 2 10 377 95 -2226us[-2168us] +/- 40ms ^+ static-96-244-96-19.bltm> 2 10 377 726 +292us[ +347us] +/- 52ms ^+ clocka.ntpjs.org 2 10 377 163 -1912us[-1854us] +/- 58ms ^+ mail.coldnorthadmin.com 2 10 377 28m +5631us[+5896us] +/- 69ms